A resource request is a request generated by a computer system entity, such as a software application or a hardware device, by which the entity requests the use of certain system resources. Such resources may include the use of a hardware resource such as the display screen for writing to the screen, a software resource such as opening a new window in a Windows based system, accessing a network resource, such as an internet address, or any other resource controlled by an operating system. Typically, such requests are made to the operating system of the computer, as the operating system is typically the entity charged with resource allocation. Theoretically, however, the request can be made to any computer system software or hardware entity charged with resource allocation.
One example of a resource request is an Application Programming Interface (API), used by the Windows™ operating system. API's are function calls used by programmers to request the use of resources from the operating system. For example, in the case of Windows API's, a programmer need not program each new application to perform tasks such as drawing on the monitor, accessing a disk, writing to the printer, using an internet resource, or performing other functions. Instead, the API allows the programmer to request that the operating system perform these functions.
Resource requests are fulfilled whenever the device or resource requested is available. However, a computer user or administrator may wish to limit access to certain computer resources. For example, an administrator may wish to limit memory access to only those applications initiated on the same computer as the memory. This feature ensures that confidential files are accessed only by authorized individuals. In addition, many computer viruses utilize computer resource requests as the means of accessing or damaging computers. For example, a virus trying to access memory via an API request can destroy valuable files, or a virus accessing an internet connection can control or monitor email and other sensitive communications.
Process authentication is a means of assuring that a computer entity requesting a resource, and the user controlling it, have the proper authorization to use the desired resources. Process authentication introduces a layer of security, which monitors and filters out unwanted or un-permitted API calls, so that they will never be fulfilled by the operating system, or other entity in charge of resource allocation. As a result, the process authentication system can effectively lock out unpermitted user intrusions, unwanted applications or viruses, and prevent unauthorized access to system resources by users or applications.